using System;
using System.Data;
using System.Configuration;
using System.Collections;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;
using OWED.Network;
using MySql.Data.MySqlClient; // include mysql library

public partial class SignUp : System.Web.UI.Page
{
	/// <summary>
	/// Sign up submit button
	/// </summary>
	protected System.Web.UI.WebControls.Button SignUpSubmit;

	/// <summary>
	/// username text field
	/// </summary>
	protected System.Web.UI.HtmlControls.HtmlInputText username;

	/// <summary>
	/// password text field
	/// </summary>
	protected System.Web.UI.HtmlControls.HtmlInputText password;

	/// <summary>
	///  re type password field
	/// </summary>
	protected System.Web.UI.HtmlControls.HtmlInputText repassword;

	/// <summary>
	/// signup message
	/// </summary>
	protected System.Web.UI.WebControls.Label SignUpMessage;
	
	/// <summary>
	/// connection string
	/// </summary>
	private String connStr;

	/// <summary>
	/// MySQL connection
	/// </summary>
	private MySqlConnection mySQL;

	/// <summary>
	/// build connnectigng stirng
	/// </summary>
	/// <param name="sender"></param>
	/// <param name="e"></param>
	private void Page_Load(object sender, System.EventArgs e)
	{
		connStr = String.Format("server={0};user id={1}; password={2}; database=cs430; pooling=false", "cs430.student.iastate.edu", "cs430", "cs430");
	}

	override protected void OnInit(EventArgs e)
	{
		InitializeComponent();
		base.OnInit(e);
	}

	/// <summary>
	/// connect event handlers
	/// </summary>
	private void InitializeComponent()
	{
		this.SignUpSubmit.Click += new System.EventHandler(this.SignUp_Click);
		this.Load += new System.EventHandler(this.Page_Load);
	}

	/// <summary>
	/// the main sign up function
	/// </summary>
	/// <param name="sender"></param>
	/// <param name="e"></param>
	private void SignUp_Click(object sender, System.EventArgs e)
	{
		username.Value = Server.HtmlEncode(username.Value); // sanitize
		password.Value = Server.HtmlEncode(password.Value);
		SignUpMessage.Text = "";

		// check if the password is not null and re-type password is same as password
		if (password.Value != repassword.Value || password.Value == "" || username.Value == "") {
			SignUpMessage.Text = "<h2>Error</h2>Passwords do not match";
			return;
		}

		// connect to mysql
		mySQL = new MySqlConnection(connStr);
		mySQL.Open();
		MySqlDataReader reader = null;

		//peform sql query
		MySqlCommand cmd = new MySqlCommand("SELECT * FROM User WHERE Username = '" + username.Value + "'", mySQL);
		try {
			reader = cmd.ExecuteReader();
			if (reader.HasRows) {
				SignUpMessage.Text = "<h2>Error</h2>Username already exists"; // usernmae exists
				return;
			}
		} catch (MySqlException ex) {
			SignUpMessage.Text = ex.Message;
			return;
		}

		// close reader, mysql doesn't like it
		reader.Close();

		// add the new user to the database
		MySqlCommand cmd2 = new MySqlCommand("INSERT INTO User (Username, Password) VALUES ('" + username.Value + "', '" + password.Value + "')", mySQL);
		cmd2.ExecuteNonQuery();
		mySQL.Close();

		// show success message
		SignUpMessage.Text = "<h2>Account created</h2><a href=\"Login.aspx\">Login</a> to proceed";
	}
}
